CVE-2016-3088 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-3088 PUBLISHED KEV

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

EPSS 94.29% · 99.9th percentile

Risk Scores

EPSS Score

94.29%

99.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:Pro:16.04:LTS	activemq	0, 5.6.0+dfsg1-4+deb8u1ubuntu1, 5.6.0+dfsg1-5

Timeline

Aug 17, 2015 PoC Published
Jun 1, 2016 CVE Published
Dec 3, 2016 PoC Published
Jun 29, 2017 PoC Published
Jun 29, 2017 PoC Published
May 10, 2018 PoC Published
May 29, 2018 PoC Published
Sep 19, 2018 PoC Published
Feb 6, 2019 PoC Published
Oct 21, 2019 PoC Published
Oct 9, 2020 PoC Published
Jan 29, 2021 PoC Published

References

https://ubuntu.com/security/CVE-2016-3088 third-party-advisory
http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2016-3088 third-party-advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog third-party-advisory

Open in Interactive Console →